Cyber-security chief resigns in protest

• Article
• Comments ()
• Click-2-Listen
• Videos

By Shaun Waterman UNITED PRESS INTERNATIONAL

The official in charge of coordinating the U.S. government's cyber-security operations has quit, saying the expanding control of the National Security Agency over the nation's computer security efforts poses "threats to our democratic processes."

"Even from a security standpoint, it is unwise to hand over the security of all government networks to a single organization," said Rod A. Beckstrom, the head of the Department of Homeland Security's National Cyber Security Center (NCSC) when speaking to United Press International.

"If our Founding Fathers were taking part in this debate [about the future organization of the government's cyber-security activities], there is no doubt in my mind they would support a separation of security powers among different [government] organizations, in line with their commitment to checks and balances," he said.

In a letter to Homeland Security Secretary Janet Napolitano last week, Mr. Beckstrom said the NSA "dominates most national cyber efforts" and "effectively controls DHS cyber efforts through detailees, technology insertions and the proposed move" of the NCSC to an NSA facility at the agency's Fort Meade, Md., headquarters.

"I believe this is a bad strategy on multiple grounds," Mr. Beckstrom wrote in the letter, a copy of which was obtained by UPI. "The intelligence culture is very different than a network operations or security culture. In addition, threats to our democratic processes are significant if all top-level government network security and monitoring are handled by any one organization."

Greg Garcia, who was the Bush administration's first presidentially appointed head of cyber-security at DHS before leaving last December - and who worked with Mr. Beckstrom for nine months - told UPI that although he did not share Mr. Beckstrom's anxiety, "I recognize the cautionary flag he is raising."

Mr. Beckstrom's resignation - after less than a year in office - comes as the Obama administration moves to complete a 60-day review of the way cyber-security efforts are organized in the U.S. government. Successive administrations have wrestled with the complex problem of how to delineate and define the roles of various intelligence, military and security agencies in assuring the integrity of the nation's computer networks, the vast majority of which are owned and operated by the private sector and depend for their efficacy on their open and accessible, and therefore security-unfriendly, architecture.

"There's been a lot of duplication and not enough coordination," Jessica Herrera-Flanigan, a former senior congressional staffer on the House Homeland Security Committee, told UPI.

Mr. Garcia said there had been a "fairly collaborative partnership, not just between NSA and DHS, but ... with a whole lot of moving parts" and different agencies within the government.

"Clearly, both operationally and technologically, the intelligence community is a key element," he said of the sprawling and sometimes fractious collection of spy agencies that serve the U.S. government. But he said DHS' role had to be primary "from a legal standpoint and from a trust and privacy standpoint."